package cn.com.shiro;

import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.List;

import org.apache.commons.beanutils.BeanUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import cn.com.shiroservice.LoginService;
import cn.com.word.bean.Permission;
import cn.com.word.bean.UserInfo;
import cn.com.word.pojo.SysPermission;
import cn.com.word.pojo.SysUser;

public class MyShiroRealm extends AuthorizingRealm{
	@Autowired
	LoginService loginService;
	
	
	// 设置realm的名称
	@Override
	public void setName(String name) {
		super.setName("customRealm");
	}
	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
		//getPrimaryPrincipal 获取的值 是认证的时候返回的SimpleAuthenticationInfo对象的principal对象
		UserInfo userInfo=(UserInfo)principal.getPrimaryPrincipal();
		
		//查询指定用户对应的所有权限信息
		List<SysPermission> sysPermissions=loginService.getSysPermissionByUserCode(userInfo.getUserCode());
		//该集合存放用户的所有权限表达式
		List<String> perCodes=new ArrayList<>();
		for (SysPermission sysPermission : sysPermissions) {
			perCodes.add(sysPermission.getPercode());
		}
		
		SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.addStringPermissions(perCodes);
		
		System.out.println("授权执行一次。。。。。。。。。。。。。。。。。。。。。");
		return simpleAuthorizationInfo;
	}
	/**
	 * 认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		String usercode=(String) token.getPrincipal();
		//根据登陆名获取SysUser对象
		SysUser sysUser=loginService.getUserByUserCode(usercode);
		// 如果查询不到直接返回null
		if(sysUser==null){//
			return null;
		}
		//1.通过查询结果 给UserInfo赋予基本信息
		UserInfo userInfo=new UserInfo();
		userInfo.setPassWord(sysUser.getPassword());
		userInfo.setSalt(sysUser.getSalt());
		userInfo.setUserName(sysUser.getUsername());
		userInfo.setUserCode(sysUser.getUsercode());
		//2.获取当用户认证之后 能够访问的菜单及相关信息
		List<SysPermission> iterms=null;
		try {
			iterms=loginService.getSysPermissionByUserCode(usercode);
		} catch (Exception e) {
			// TODO: handle exception
			e.printStackTrace();
		}
		
//		userInfo.setUrl();
		List<Permission> permissions=new ArrayList<>();
		for (SysPermission sysPermission : iterms) {
			Permission permission=new Permission();
			try {
				//通过BeanUtil工具  将逆向工程生成的SysPermission的属性 拷贝到自定义的Permission对象中
				BeanUtils.copyProperties(permission, sysPermission);
				
				permissions.add(permission);
//				System.out.println("*************"+permission.getName());
			} catch (IllegalAccessException e) {
				e.printStackTrace();
			} catch (InvocationTargetException e) {
				e.printStackTrace();
			}
		}
		userInfo.setPermissons(permissions);
		String salt=userInfo.getSalt();
		String userPassword=userInfo.getPassWord();
		SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
				userInfo, userPassword,ByteSource.Util.bytes(salt), this.getName());

		return simpleAuthenticationInfo;
	}
	/**
	 * 清空缓存中用户的权限信息
	 */
	public void clearCacheService(){
		System.out.println("缓存清理一次*************");
		PrincipalCollection  princopals=SecurityUtils.getSubject().getPrincipals();
		super.clearCache(princopals);
		
	}
}
